Appl.No. 10/705,212 

Amdt. dated January 22, 2008 

Reply to Office Action of October 4, 2007 



PATENT 



REMARKS/ARGUMENTS 

This Amendment is responsive to the Office Action mailed on October 4, 2007. 
In this Amendment, claims 1-6, 8, 11, and 19-20 are amended, and claims 38-40 are added so 
that claims 1-8, 10-17, 19-26, and 28-40 are pending and subject to examination on the merits. 

On December 6, 2007, a telephonic interview was held between the Examiner and 
the undersigned. The Examiner clarified that the "Central Transaction Server" as used in relation 
to the Gerdes reference means the Authentication Server as disclosed in Gerdes. The Examiner 
further requested this response clarify the usage of the term pseudonym. In addition, the 
Examiner clarified that the omission of a reason for rejection of claims 32 and 33 in the office 
action was an oversight, and those claims were rejected for the same reasons as claims 1 and 10 
respectively. The undersigned thanks the Examiner for her time and her careful consideration of 
the applicant's arguments. 

I. Claim Objections 

Claims 1-7 are objected to because of the following informalities: recites the 
intended use phrase "adapted to". 

All claims reciting the intended use phrase "adapted to" have been amended to 
remove the objected to language. Applicant respectfully requests the withdrawal of this 
objection. 

II. 35 USC 103 - Sunder et al. and Gerdes et al. 

Claims 1-3, 10-12 and 19-21 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over US Publication No. 2005/0021781 to Sunder et al. ("Sunder") in view of U.S. 
Publication No. 2003/0046541 to Gerdes et al. ("Gerdes"). This rejection is traversed. 

Sunder and Gerdes, alone or in combination, fail to disclose the limitation of a central 
transaction server that "initiates a payment request process ." Regarding claims 1, 10, and 19, the 
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office action admits Sunder does not teach a central transaction server initiating a payment 
request. The office action asserts that this limitation is taught in Gerdes, Paragraph 14, which 
states: 

After successful completion of the analysis, the authentication server sends a confirmation 
of the user identity to the service provider. The confirmation of the user identity confirms 
the request for confirmation of the user identity issued by the service provider. Based on the 
received confirmation of the user identity, the service provider grants service access to 
the user or can request additional information before granting service access, e.g. a 
credit card number of the user for services charging costs to the user. 

(emphasis added). The system as disclosed in Gerdes consists of multiple service provider 
servers interacting with a authentication server in order to confirm the identity of a user. Upon 
confirmation of the identity of the user, the authorization server sends such confirmation 
information back to the service provider server. Once the user's identity has been established, 
there is no further interaction with the authentication server. 

As was clarified in the telephonic interview, the office action is referring to the 
authentication server as disclosed in Gerdes to be the equivalent of the central transaction server 
of the present application. As is clear from the cited portion of Gerdes, the decision to possibly 
initiate a payment request is entirely up to the service provider server, without further interaction 
with the authentication server. Therefore, Gerdes does not disclose a central transaction server 
(the authentication server) initiating a payment request (this is optionally done by the service 
provider server). 

Sunder discloses a client device communicating with a network access point, the network 
access point communicating with an authentication server, and the network access point 
communicating a reply to the client device. (Sunder P[0006-0010]). When this is combined with 
Gerdes, the network access point would be the equivalent of the service provider server and the 
authentication server of Sunder and Gerdes would be equivalent. Combined with Gerdes, this 
would result in the network access point (the service provider server) initiating a charge request. 
This still fails to disclose a central transaction server (the authentication server in Sunder and 
Gerdes) initiating a payment request. 
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Thus, claim 1 should be allowed, because Sunder and Gerdes, alone or in combination, 
fail to disclose a central transaction server that "initiates a payment request process." Claims 10 
and 19 are similar to claim 1, and should be allowed for the same reason. Claims 2, 3, 11, 12, 
20, and 21 are allowable by virtue of their dependence from claims 1,10, and 19 respectively. 

III. 35 USC 103 - Sunder and Gerdes and Golan et al. 

Claims 4-6, 13-15, 22-24 and 28-31 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Sunder and Gerdes as applied to claims 1, 10 and 19 above, and further in 
view of U.S. Publication No. 2004/0254848 to Golan et al. ("Golan"). 

Golan is cited to address limitations in various dependent claims. Golan does not remedy 
the described deficiencies of Sunder and Gerdes with respect to claims 1,10, and 19. As such, 
the above claims are allowable due to their dependence from claims 1,10 and 19 respectively. 

IV. 35 USC 103 - Sunder and Gerdes and Otto et al. 

Claims 7, 16 and 25 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Sunder and Gerdes as applied to claims 1,10 and 19 above, and further in view of US 
Publication No. 2001/0029496 to Otto et al. ("Otto"). This rejection is traversed. 

Sunder, Gerdes, and Otto, alone or in combination, fail to disclose the limitation of "the 
authentication request includes a pseudonym corresponding to an electronic commerce card 
account number and previously created by the central transaction server." The office action 
admits that Sunder and Gerdes do not disclose an authentication request including a pseudonym 
corresponding to an electronic commerce card account number and previously created by a 
central transaction server. The office action alleges this feature is taught by Otto. 

Otto discloses a system whereby the issuer of a payment card may set up an account that 
is associated with anonymous identifying information. (Otto, P[0027-0029]). The account may 
be issued a payment card and account number, such that transactions from this account appear to 
merchants, etc. to be completely normal transactions. (Id.). The anonymous account behaves for 
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all purposes like a normal account, and there is no change in merchant processing for these 
accounts. (Otto, P[0039]). 

The office action appears to mischaracterize the use of pseudonym as used in claim 7, 16, 
and 25. A pseudonym as disclosed in the present application is not an account number, but 
rather it can be a code or number that can be linked with an account number. (Specification 
P[0016]). This pseudonym can be used to correlate certain aspects of a transaction. 
(Specification P[0018]). Further, the pseudonym is not necessarily a permanent entity, it may be 
set to expire after a certain period of time. (Specification P[0019]). For example, in the system 
disclosed, the pseudonym can be used to verify that a specific authentication response 
corresponds to a specific Verify Enrollment Request for a specific transaction. (Specification 
P[0035]). Because the pseudonyms may expire, if an attempt is made to use a response or 
request from a previous transaction with a new transaction, the attempt will fail, because the 
pseudonyms do not match. 

This is unlike the system disclosed in Otto. The account number in Otto is a completely 
valid, static account number, that is associated with anonymous owner data. In fact, an 
anonymous account number as disclosed in Otto would be processed by the present system in 
exactly the same manner as any other account number. That is, a transaction would generate 
various authorization messages and responses, and a pseudonym for the anonymous account 
number, valid for a period of time, would be generated. 

Accordingly, the office action's reliance on Otto is based on a mischaracterization of the 
term pseudonym, and the rejection of the above claims is improper. 

V. 35 USC 103 - Sunder and Gerdes and Allen 

Claims 8, 17 and 26 are rejected under 35 U.S. C. 103(a) as being unpatentable 
over Sunder and Gerdes as applied to claims 1,10 and 19 above, and further in view of US 
Publication No. 2003/0 168510 to Allen. This rejection is traversed. 

The system disclosed in Allen is very similar to that disclosed by Otto in the previous 
rejection. Both deal with generating valid account numbers that are associated with anonymous 
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identities. As such, Allen does not disclose a pseudonym, for the same reasons as discussed 
previously in reference to Otto. 

Accordingly, the office action's reliance on Allen is based on a mischaracterization of the 
term pseudonym, and the rejection of the above claims is improper. 

VI. 35 USC 103 - Sunder and Golan and Allen 

Claims 34-37 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Sunder and Golan in view of Allen. This rejection is traversed. 
The office action asserts that: 

As for creating an altered verifying enrollment response comprising a pseudonym and sending the 
altered verifying enrollment response to a merchant system, wherein the merchant system 
subsequently sends an authentication request including the pseudonym to a holder system, 
combining the pseudonym concepts taught by Sunder, the verification of enrollment concepts 
taught by Golan and the creation of a pseudonym taught by Allen (see paragraphs [0002], 
[0028] & abstract) would result in these steps. 

(emphasis added). Although Sunder may disclose an authentication concept, it does not disclose 
a pseudonym concept. Furthermore, as discussed previously, the concept of a pseudonym is not 
disclosed in Allen. Because the concept of a pseudonym is not disclosed in any of the 
references, alone or in combination, the rejection of claim 34 is improper. The rejection of 
claims 35-37 is also improper due to their dependence from claim 34. 

VII. Claims 32 and 33 

Claims 32 and 33 were not addressed in the office action. The examiner stated during the 
telephonic interview that this was an oversight, and that claims 32 and 33 should have been 
rejected for the same reasons as claims 1 and 10 respectively. Claims 32 and 33 are allowable by 
virtue of their dependence from claims 1 and 10 respectively (see arguments for claim 1 and 10 
above). 
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CONCLUSION 

In view of the foregoing, Applicants believe all claims now pending in this 
Application are in condition for allowance. The issuance of a formal Notice of Allowance at an 
early date is respectfully requested. 

If the Examiner believes a telephone conference would expedite prosecution of 
this application, please telephone the undersigned at 415-576-0200. 

Respectfully submitted, 

/Preetam B Pagar / 

Preetam B. Pagar 
Reg. No. 57,684 

TOWNSEND and TOWNSEND and CREW LLP 

Two Embarcadero Center, Eighth Floor 

San Francisco, California 941 1 1-3834 

Tel: 415-576-0200 

Fax: 415-576-0300 
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